Implement cookie auto-refresh

The intention is to refresh the cookie whenever the user accesses an authenticated service with less than `cookie-refresh` time to go before the cookie expires.
2025-11-29 22:48:19 +02:00 · 2015-05-08 10:00:57 -04:00
parent 5cbdb74518
commit 8e2d83600c
5 changed files with 41 additions and 7 deletions
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -33,6 +33,7 @@ type OauthProxy struct {
 	CookieSecure   bool
 	CookieHttpOnly bool
 	CookieExpire   time.Duration
+	CookieRefresh  time.Duration
 	Validator      func(string) bool

 	redirectUrl         *url.URL // the url to receive requests at
@@ -136,6 +137,7 @@ func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy {
 		CookieSecure:   opts.CookieSecure,
 		CookieHttpOnly: opts.CookieHttpOnly,
 		CookieExpire:   opts.CookieExpire,
+		CookieRefresh:  opts.CookieRefresh,
 		Validator:      validator,

 		clientID:           opts.ClientID,
@@ -259,10 +261,11 @@ func (p *OauthProxy) SetCookie(rw http.ResponseWriter, req *http.Request, val st
 }

 func (p *OauthProxy) ProcessCookie(rw http.ResponseWriter, req *http.Request) (email, user, access_token string, ok bool) {
+	var value string
+	var timestamp time.Time
 	cookie, err := req.Cookie(p.CookieKey)
 	if err == nil {
-		var value string
-		value, ok = validateCookie(cookie, p.CookieSeed)
+		value, timestamp, ok = validateCookie(cookie, p.CookieSeed)
 		if ok {
 			email, user, access_token, err = parseCookieValue(
 				value, p.AesCipher)
@@ -270,6 +273,11 @@ func (p *OauthProxy) ProcessCookie(rw http.ResponseWriter, req *http.Request) (e
 	}
 	if err != nil {
 		log.Printf(err.Error())
+	} else if p.CookieRefresh != time.Duration(0) {
+		refresh_threshold := time.Now().Add(p.CookieRefresh)
+		if refresh_threshold.Unix() > timestamp.Unix() {
+			p.SetCookie(rw, req, value)
+		}
 	}
 	return
 }